CryptoAuth_pvt.h 3.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136
  1. /* vim: set expandtab ts=4 sw=4: */
  2. /*
  3. * You may redistribute this program and/or modify it under the terms of
  4. * the GNU General Public License as published by the Free Software Foundation,
  5. * either version 3 of the License, or (at your option) any later version.
  6. *
  7. * This program is distributed in the hope that it will be useful,
  8. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  9. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  10. * GNU General Public License for more details.
  11. *
  12. * You should have received a copy of the GNU General Public License
  13. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  14. */
  15. #ifndef CryptoAuth_pvt_H
  16. #define CryptoAuth_pvt_H
  17. #include "crypto/CryptoAuth.h"
  18. #include "crypto/ReplayProtector.h"
  19. #include "interface/Interface.h"
  20. #include "benc/Object.h"
  21. #include "util/log/Log.h"
  22. #include "memory/Allocator.h"
  23. #include "util/events/EventBase.h"
  24. #include "wire/Headers.h"
  25. #include "wire/Message.h"
  26. #include "util/Identity.h"
  27. #include <stdint.h>
  28. struct CryptoAuth_Auth {
  29. union Headers_AuthChallenge challenge;
  30. uint8_t secret[32];
  31. String* user;
  32. };
  33. struct CryptoAuth_pvt
  34. {
  35. struct CryptoAuth pub;
  36. uint8_t privateKey[32];
  37. struct CryptoAuth_Auth* passwords;
  38. uint32_t passwordCount;
  39. uint32_t passwordCapacity;
  40. struct Log* logger;
  41. struct EventBase* eventBase;
  42. struct Allocator* allocator;
  43. struct Random* rand;
  44. Identity
  45. };
  46. struct CryptoAuth_Wrapper
  47. {
  48. /** The public key of the other node, all zeros is taken to mean "don't know" */
  49. uint8_t herPerminentPubKey[32];
  50. /**
  51. * Bind this CryptoAuth session to the other node's ip6 address,
  52. * any packet avertizing a key which doesn't hash to this will be dropped.
  53. */
  54. uint8_t herIp6[16];
  55. /**
  56. * If an object was associated with a password and the remote host authed
  57. * with the password this will be the object, otherwise it will be null.
  58. */
  59. String* user;
  60. /** The shared secret. */
  61. uint8_t sharedSecret[32];
  62. uint8_t herTempPubKey[32];
  63. uint8_t ourTempPrivKey[32];
  64. uint8_t ourTempPubKey[32];
  65. /** An outgoing message which is buffered in the event that a reverse handshake is required. */
  66. struct Message* bufferedMessage;
  67. /** A password to use for authing with the other party. */
  68. String* password;
  69. /** Used for preventing replay attacks. */
  70. struct ReplayProtector replayProtector;
  71. /** The next nonce to use. */
  72. uint32_t nextNonce;
  73. /** Used to reset the connection if it's in a bad state (no traffic coming in). */
  74. uint32_t timeOfLastPacket;
  75. /** The method to use for trying to auth with the server. */
  76. uint8_t authType;
  77. /** True if this node began the conversation. */
  78. bool isInitiator : 1;
  79. /** If true and the other end is connecting, do not respond until a valid password is sent. */
  80. bool requireAuth : 1;
  81. bool established : 1;
  82. /** A pointer back to the main cryptoauth context. */
  83. struct CryptoAuth_pvt* const context;
  84. /** The internal interface which we are wrapping. */
  85. struct Interface* const wrappedInterface;
  86. /** The interface which this wrapper provides. */
  87. struct Interface externalInterface;
  88. /** A name for the wrapper which will appear in logs. */
  89. char* name;
  90. Identity
  91. };
  92. uint8_t CryptoAuth_receiveMessage(struct Message* received, struct Interface* interface);
  93. uint8_t CryptoAuth_encryptHandshake(struct Message* message,
  94. struct CryptoAuth_Wrapper* wrapper,
  95. int setupMessage);
  96. int CryptoAuth_decryptRndNonce(uint8_t nonce[24], struct Message* msg, uint8_t secret[32]);
  97. void CryptoAuth_encryptRndNonce(uint8_t nonce[24], struct Message* msg, uint8_t secret[32]);
  98. #endif